package com.hnhegui.backend.interceptor;

import cn.hutool.core.util.ObjectUtil;
import com.hnhegui.backend.enu.UserRoleEnum;
import com.hnhegui.backend.exception.BusinessException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

/**
 * 管理员权限拦截器
 */
@Component
public class AdminInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // 从请求属性中获取角色信息（由AuthInterceptor设置）
        String role = (String) request.getAttribute("role");
        
        if (!ObjectUtil.equals(UserRoleEnum.ADMIN.name(), role)) {
            throw new BusinessException(40301, "无权限访问");
        }

        return true;
    }
}
